CN109347785A - A kind of terminal type recognition methods and device - Google Patents
A kind of terminal type recognition methods and device Download PDFInfo
- Publication number
- CN109347785A CN109347785A CN201810916086.0A CN201810916086A CN109347785A CN 109347785 A CN109347785 A CN 109347785A CN 201810916086 A CN201810916086 A CN 201810916086A CN 109347785 A CN109347785 A CN 109347785A
- Authority
- CN
- China
- Prior art keywords
- terminal
- terminal type
- probability
- type
- dynamic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
- H04L67/025—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
Abstract
The invention discloses a kind of terminal type recognition methods and devices, this method comprises: judging whether the terminal is to network for the first time when monitoring terminal networking;If not networking for the first time, then identified using terminal type of the dynamic fingerprint library to the terminal;Wherein, the dynamic fingerprint library include terminal terminal type and corresponding networking dynamic behaviour.The embodiment of the present invention is based on the dynamic fingerprint information and identifies to terminal type, and the recognition accuracy of terminal type can be greatly improved.
Description
Technical field
The present invention relates to network communication technology field, espespecially a kind of terminal type recognition methods and device.
Background technique
With the Rapid Popularization of intelligent terminal, IT consumerization trend is more and more obvious.In particular with oneself equipment of carrying
The rise of office (Bring Your Own Device, BYOD), produces serious punching to original enterprise network access-in management
It hits.In security consideration, IT administrator needs the different terminals type according to networking, defines different network access policies.
So-called identification terminal type, it is important to device type, OS Type and the manufacturer's information of identification terminal.Just
As everyone can possess a unique fingerprint, each terminal can also have oneself unique characteristic.And these
Unique characteristic can embody in behavior of the terminal device with extraneous communication.By track terminal communication behavior, it is analyzed
Characteristic, to judge the technology of terminal type information, referred to as Terminal fingerprints identification technology.
Existing Terminal fingerprints identification technology includes: 1, MAC OUI identification: the MAC Address whole world of terminal is unique, MAC
OUI (Organizationally Unique Identifier, organization unique identifier) represents IEEE and distributes to each manufacturer
Company ID, be the first six digits of MAC Address.Pass through MAC OUI, it can be determined that the device manufacturer of terminal.However this method can only
Device manufacturer is recognized, same MAC Address end is used for OEM equipment or multiple types of terminals, identification probability can be reduced.2,
DHCP message identification: DHCP protocol itself is one of the indispensable agreement that each network-termination device can be supported, for applying
Obtain dynamic IP addressing.The Option field in DHCP request is initiated by identification user, to determine the type of terminal, wherein comparing
More effective method is to identify Option 55 (the parameter ParameterRequest List that client wishes to obtain), Option
60 (for describing manufacturer's information).Be disadvantageous in that same system use DHCP request be it is essentially identical, for difference
Terminal is difficult to distinguish if using same system, such as using the PC of windows system and equally using windows system
The DHCP fingerprint of the video conference device of system is identical.3, HTTP message identifies: HTTP is the basic agreement of web access, is
Offer function and using effect joined the information of many client end/server ends in the definition and realization of this agreement.For
Server is allowed preferably to provide data, client is actively the letter such as browser version, OS Type, operating system version
Cease positive ground Tell server end.The information is usually provided by User-Agent field in HTTP.For intelligent movable
Terminal, each manufacturer provide type, model, operating system and the manufacturer's information of equipment usually in User-Agent field.
It is insufficient: many terminals of device type information in User-Agent will not be carried and carry information format without standard, simultaneously
There is also be easy to distort the possibility of fraud for User-Agent information.
Therefore, how efficiently and accurately identification terminal type become primarily solve the problems, such as.
Summary of the invention
The embodiment of the present invention provides a kind of terminal type recognition methods and device, and terminal exists in the prior art to solve
The problem of type identification inaccuracy.
A kind of terminal type recognition methods, which comprises
When monitoring terminal networking, judge whether the terminal is to network for the first time;
If not networking for the first time, then identified using terminal type of the dynamic fingerprint library to the terminal;Wherein, described
Dynamic fingerprint library include terminal terminal type and corresponding networking dynamic behaviour.
Further, before monitor terminal networking, the method, further includes:
Initial dynamic fingerprint library is created, the initial dynamic fingerprint library includes that static fingerprint base discrimination is lower than first
The terminal type of preset threshold and corresponding networking dynamic behaviour.
Further, the method, further includes:
If networking for the first time, then identified using terminal type of the static fingerprint base to the terminal;Wherein, described quiet
State fingerprint base includes the terminal type and corresponding static finger print information of terminal, the static state finger print information include MAC OUI,
DHCP OPTION and HTTP UA information it is one or more.
Further, the method, further includes:
If network for the first time, and can not identify the terminal type of the terminal using the static fingerprint base, institute is utilized
Dynamic fingerprint library is stated to identify the terminal type of the terminal.
Further, the method, further includes:
The terminal type identified using static fingerprint base and corresponding networking dynamic behaviour are updated to the dynamic and referred to
In line library.
It is preferably, described to be identified using terminal type of the dynamic fingerprint library to the terminal, comprising:
The terminal type and corresponding network behavior record in the dynamic fingerprint library are obtained, input probability is calculated;
Using Bayes' theorem formula and the input probability, the terminal type in the dynamic fingerprint library is traversed, is obtained
Probability of outcome;Wherein, the input probability includes: probability P (A), the determination that terminal type occurs in present networks for the terminal of A
Under the premise of terminal type is A, occur that the probability P (B | A) of B network behavior, B network row occur in all terminal types in present networks
For probability P (B);P (A | B) it is probability of outcome, i.e., under the premise of B network behavior occurs in determination, terminal type is the probability of A;
The corresponding terminal type of highest probability of outcome is determined as to the terminal type of the terminal.
A kind of terminal type identification device, described device, comprising: monitoring unit, recognition unit;Wherein,
The monitoring unit, for judging whether the terminal is to network for the first time when monitoring terminal networking;
The recognition unit, for if not networking for the first time, then using dynamic fingerprint library to the terminal type of the terminal
It is identified;Wherein, the dynamic fingerprint library include terminal terminal type and corresponding networking dynamic behaviour.
Further, described device, further includes:
Creating unit, for creating initial dynamic fingerprint library, the initial dynamic fingerprint library includes static fingerprint base
Terminal type of the discrimination lower than the first preset threshold and corresponding networking dynamic behaviour.
Further, the recognition unit, if being also used to network for the first time, then using the static fingerprint base to the end
The terminal type at end is identified;Wherein, the static fingerprint base includes the terminal type and corresponding static fingerprint letter of terminal
Breath, the static state finger print information includes the one or more of MAC OUI, DHCP OPTION and HTTP UA information.
Further, the recognition unit, is also used to: if networking for the first time, and can not identify institute using static fingerprint base
When stating the terminal type of terminal, the terminal type of the terminal is identified using the dynamic fingerprint library.
Further, described device, further includes: updating unit, the terminal class for static fingerprint base will to be utilized to identify
Type and corresponding networking dynamic behaviour are updated into the dynamic fingerprint library.
Preferably, the recognition unit, specifically for obtaining terminal type and corresponding net in the dynamic fingerprint library
Network behavior record, is calculated input probability;
Using Bayes' theorem formula and the input probability, the terminal type in the dynamic fingerprint library is traversed, is obtained
Probability of outcome;Wherein, the input probability includes: probability P (A), the determination that terminal type occurs in present networks for the terminal of A
Under the premise of terminal type is A, occur that the probability P (B | A) of B network behavior, B network row occur in all terminal types in present networks
For probability P (B);P (A | B) it is probability of outcome, i.e., under the premise of B network behavior occurs in determination, terminal type is the probability of A;
The corresponding terminal type of highest probability of outcome is determined as to the terminal type of the terminal.
The present invention has the beneficial effect that:
Terminal type recognition methods provided in an embodiment of the present invention and device, are networked by monitor terminal, and terminal not
It is in the case where networking for the first time, to carry out the identification of terminal type to terminal using the networking dynamic behaviour in dynamic fingerprint library.This
The finger print information of terminal is defined in invention using the networking dynamic behaviour of terminal, and the function of terminal determines terminal
Networking dynamic behaviour is relatively fixed, therefore, is identified based on the dynamic fingerprint information to terminal type, end can be greatly improved
Hold the recognition accuracy of type.
Detailed description of the invention
Fig. 1 is a kind of flow chart of terminal type recognition methods in the embodiment of the present invention;
Fig. 2 is a kind of structural schematic diagram of terminal type identification device in the embodiment of the present invention.
Specific embodiment
Firstly, briefly being introduced Bayes' theorem, Bayes' theorem is the formula for calculating " conditional probability ".It is so-called
" conditional probability " just refers to that under conditions of event B occurs, the probability that event A occurs is indicated with P (A | B).
Under in event B, a situation arises, the probability that event A occurs is exactly P (A ∩ B) divided by P (B)
That is: P (A │ B)=(P (A ∩ B))/(P (B)), therefore P (A ∩ B)=P (A | B) P (B),
So: P (A │ B) P (B)=P (B | A) P (A),
I.e.: P (A │ B)=P (A) (P (B | A))/(P (B)), here it is the calculation formula of conditional probability.
Here, P (A) is known as " prior probability ", i.e., a judgement before event B generation, to event A probability.P(A
| B) be known as " posterior probability ", i.e., after event B generation, event A is reappraised.P (B | A)/P (B) referred to as " possibility
Function ", this is a Dynamic gene, so that estimating probability closer to true probability.
So conditional probability is it is to be understood that posterior probability=Xian tests Gai Shuai ﹡ Dynamic gene.Herein, if possible property
Function P (B | A)/P (B) > 1, it is meant that prior probability enhancing, a possibility that generation of event A become larger;If possible property function P
(B | A)/P (B)=1, it is meant that event B does not influence a possibility that event A;If possible property function P (B | A)/P (B) < 1, meaning
Prior probability be weakened, event A occur a possibility that become smaller.
For the problem of terminal type existing in the prior art identification inaccuracy, terminal class provided in an embodiment of the present invention
Type recognition methods supplements the finger print information of terminal from the network behavior angle of terminal supplement, different types of terminal
Function in a network has stationarity, then its corresponding networking dynamic behaviour is also relatively stable, and therefore, the present invention passes through
Increase finger print information of the dynamic fingerprint library of characterization terminal networking dynamic behaviour as terminal, carries out the knowledge of the terminal type of terminal
Not.The process of the method for the present invention is as shown in Figure 1, execute that steps are as follows:
Step 101, when monitoring terminal networking, judge whether the terminal is to network for the first time;
Step 102, it if not networking for the first time, is then identified using terminal type of the dynamic fingerprint library to the terminal;
Wherein, the dynamic fingerprint library include terminal terminal type and corresponding networking dynamic behaviour.
Further, before step 101, the method, further includes:
Initial dynamic fingerprint library is created, the initial dynamic fingerprint library includes that static fingerprint base discrimination is lower than first
The terminal type of preset threshold and corresponding networking dynamic behaviour;
Here, the static fingerprint base includes that the terminal type of terminal and corresponding static finger print information, the static state refer to
Line information includes the one or more of MAC OUI, DHCP OPTION and HTTP UA information;The static state fingerprint base can utilize industry
What boundary had increased income includes the fingerprint base realization of above-mentioned static finger print information;It is default lower than first for discrimination in static fingerprint base
The terminal type of threshold value, after passing through local actual verification terminal type and counting the corresponding networking dynamic behaviour of the terminal, typing
To dynamic fingerprint library;Here, first preset threshold can require to carry out sets itself according to recognition accuracy, may be, for example,
90%, 95% etc..
Further, when the terminal is to network for the first time, if then the described method includes: networking for the first time, then using static
Fingerprint base identifies the terminal type of the terminal;Wherein, the static fingerprint base includes the terminal type of terminal and right
The static finger print information answered, it is described static state finger print information include MAC OUI, DHCP OPTION and HTTP UA information one kind or
It is a variety of.
For dynamic fingerprint library described in continuous renolation, the method also includes: it will be identified using static fingerprint base
Terminal type and corresponding networking dynamic behaviour update into the dynamic fingerprint library.
Specifically, after the terminal type that the terminal is identified by static fingerprint base, the terminal is counted in preset duration
Networking dynamic behaviour, and the terminal type and corresponding networking dynamic behaviour are updated into the dynamic fingerprint library, in this way,
It may be implemented to constantly improve update to dynamic fingerprint library by the step, the identification that can further increase terminal type is accurate
Rate.Wherein the networking dynamic behaviour may include: terminal on-line time, network behavior record (office, video, game, language
Sound, chat, downloading APP etc.) etc..
Further, the method also includes: if terminal is for the first time to network, and can not identified using the static fingerprint base
When the terminal type of the terminal, then the terminal type of the terminal is identified using the dynamic fingerprint library.
It is specifically, described to be identified using terminal type of the dynamic fingerprint library to the terminal in the present invention, comprising:
The terminal type and corresponding network behavior record in the dynamic fingerprint library are obtained, input probability is calculated;
Here, input probability refers to input probability required for Bayes' theorem formula;
Utilize Bayes' theorem formulaWith the input probability, the dynamic fingerprint library is traversed
In terminal type, obtain probability of outcome;Wherein, the input probability includes: that the terminal that terminal type is A goes out in present networks
Existing probability P (A), under the premise of determining that terminal type is A, probability P (B | A) that B network behavior occur, all ends in present networks
There is the probability P (B) of B network behavior in end type;P (A | B) it is probability of outcome, i.e., under the premise of B network behavior occurs in determination, eventually
Holding type is the probability of A;
The corresponding terminal type of highest probability of outcome is determined as to the terminal type of the terminal.
Terminal type recognition methods provided in an embodiment of the present invention, is networked by monitor terminal, and is not for the first time in terminal
In the case where networking, the identification of terminal type is carried out to terminal using the networking dynamic behaviour in dynamic fingerprint library.And in terminal
If in the case where networking for the first time, directly using static state fingerprint base progress type identification, and by the terminal type recognized and right
The networking dynamic behaviour answered is updated into dynamic fingerprint library, improves dynamic fingerprint library to constantly update;And it is networking and is leading to for the first time
When crossing static fingerprint base and identify not Chu terminal type, then directly using dynamic fingerprint library in conjunction with Bayes' theorem progress type knowledge
Not;Using the networking dynamic behaviour of terminal come the finger print information of complementary definition terminal, and the function of terminal determines terminal
Networking dynamic behaviour it is relatively fixed, therefore, terminal type is identified based on the dynamic fingerprint information, can be greatly improved
The recognition accuracy of terminal type.
Based on the same inventive concept, the embodiment of the present invention provides a kind of terminal type identification device, structure as shown in Fig. 2,
It include: monitoring unit 21, recognition unit 22;Wherein,
The monitoring unit 21, for judging whether the terminal is to network for the first time when monitoring terminal networking;
The recognition unit 22, for if not networking for the first time, then using dynamic fingerprint library to the terminal class of the terminal
Type is identified;Wherein, the dynamic fingerprint library include terminal terminal type and corresponding networking dynamic behaviour.
Further, described device, further includes:
Creating unit 23, for creating initial dynamic fingerprint library, the initial dynamic fingerprint library includes static fingerprint
Terminal type of the library discrimination lower than the first preset threshold and corresponding networking dynamic behaviour.
Further, the recognition unit 22, if being also used to network for the first time, then using the static fingerprint base to described
The terminal type of terminal is identified;Wherein, the static fingerprint base includes the terminal type and corresponding static fingerprint of terminal
Information, the static state finger print information includes the one or more of MAC OUI, DHCP OPTION and HTTP UA information.
Further, the recognition unit 22, is also used to: if networking for the first time, and can not identified using static fingerprint base
When the terminal type of the terminal, the terminal type of the terminal is identified using the dynamic fingerprint library.
Further, described device, further includes: updating unit 24, the terminal for static fingerprint base will to be utilized to identify
Type and corresponding networking dynamic behaviour are updated into the dynamic fingerprint library.
Further, the recognition unit 22, specifically for obtaining terminal type and correspondence in the dynamic fingerprint library
Network behavior record, input probability is calculated;
Utilize Bayes' theorem formulaWith the input probability, the dynamic fingerprint library is traversed
In terminal type, obtain probability of outcome;Wherein, the input probability includes: that the terminal that terminal type is A goes out in present networks
Existing probability P (A), under the premise of determining that terminal type is A, probability P (B | A) that B network behavior occur, all ends in present networks
There is the probability P (B) of B network behavior in end type;P (A | B) it is probability of outcome, i.e., under the premise of B network behavior occurs in determination, eventually
Holding type is the probability of A;
The corresponding terminal type of highest probability of outcome is determined as to the terminal type of the terminal.
It should be appreciated that terminal type identification device realization principle and process provided in an embodiment of the present invention and above-mentioned Fig. 1 and
Shown in embodiment it is similar, details are not described herein.
Terminal type identification device provided in an embodiment of the present invention, is networked by monitor terminal, and is not for the first time in terminal
In the case where networking, the identification of terminal type is carried out to terminal using the networking dynamic behaviour in dynamic fingerprint library.And in terminal
If in the case where networking for the first time, directly using static state fingerprint base progress type identification, and by the terminal type recognized and right
The networking dynamic behaviour answered is updated into dynamic fingerprint library, improves dynamic fingerprint library to constantly update;And it is networking and is leading to for the first time
When crossing static fingerprint base and identify not Chu terminal type, then directly using dynamic fingerprint library in conjunction with Bayes' theorem progress type knowledge
Not;Using the networking dynamic behaviour of terminal come the finger print information of complementary definition terminal, and the function of terminal determines terminal
Networking dynamic behaviour it is relatively fixed, therefore, terminal type is identified based on the dynamic fingerprint information, can be greatly improved
The recognition accuracy of terminal type.
The present invention be referring to according to the method for the embodiment of the present invention, the process of equipment (system) and computer program product
Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions
The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs
Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce
A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real
The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates,
Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or
The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting
Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or
The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one
The step of function of being specified in a box or multiple boxes.
Although alternative embodiment of the invention has been described, created once a person skilled in the art knows basic
Property concept, then additional changes and modifications may be made to these embodiments.So the following claims are intended to be interpreted as include can
It selects embodiment and falls into all change and modification of the scope of the invention.
Obviously, those skilled in the art can carry out various modification and variations without departing from this hair to the embodiment of the present invention
The spirit and scope of bright embodiment.In this way, if these modifications and variations of the embodiment of the present invention belong to the claims in the present invention
And its within the scope of equivalent technologies, then the present invention is also intended to include these modifications and variations.
Claims (12)
1. a kind of terminal type recognition methods, which is characterized in that the described method includes:
When monitoring terminal networking, judge whether the terminal is to network for the first time;
If not networking for the first time, then identified using terminal type of the dynamic fingerprint library to the terminal;Wherein, the dynamic
Fingerprint base include terminal terminal type and corresponding networking dynamic behaviour.
2. the method according to claim 1, wherein monitor terminal networking before, the method, further includes:
Initial dynamic fingerprint library is created, the initial dynamic fingerprint library includes that static fingerprint base discrimination is default lower than first
The terminal type of threshold value and corresponding networking dynamic behaviour.
3. the method according to claim 1, wherein the method, further includes:
If networking for the first time, then identified using terminal type of the static fingerprint base to the terminal;Wherein, the static state refers to
Line library includes the terminal type and corresponding static finger print information of terminal, and the static state finger print information includes MAC OUI, DHCP
OPTION and HTTP UA information it is one or more.
4. according to the method described in claim 3, it is characterized in that, the method, further includes:
If network for the first time, and can not identify the terminal type of the terminal using the static fingerprint base, moved using described
State fingerprint base identifies the terminal type of the terminal.
5. according to the method described in claim 3, it is characterized in that, the method, further includes:
The terminal type identified using static fingerprint base and corresponding networking dynamic behaviour are updated to the dynamic fingerprint library
In.
6. method according to any one of claims 1 to 5, which is characterized in that described to utilize dynamic fingerprint library to the terminal
Terminal type identified, comprising:
The terminal type and corresponding network behavior record in the dynamic fingerprint library are obtained, input probability is calculated;
Utilize Bayes' theorem formulaWith the input probability, traverse in the dynamic fingerprint library
Terminal type obtains probability of outcome;Wherein, the input probability includes: that the terminal that terminal type is A occurs in present networks
Under the premise of determining that terminal type is A, there are probability P (B | A), all terminal classes in present networks of B network behavior in probability P (A)
There is the probability P (B) of B network behavior in type;P (A | B) it is probability of outcome, i.e., under the premise of B network behavior occurs in determination, terminal class
Type is the probability of A;
The corresponding terminal type of highest probability of outcome is determined as to the terminal type of the terminal.
7. a kind of terminal type identification device, which is characterized in that described device, comprising: monitoring unit, recognition unit;Wherein,
The monitoring unit, for judging whether the terminal is to network for the first time when monitoring terminal networking;
The recognition unit, for if not network for the first time, then being carried out using terminal type of the dynamic fingerprint library to the terminal
Identification;Wherein, the dynamic fingerprint library include terminal terminal type and corresponding networking dynamic behaviour.
8. device according to claim 7, which is characterized in that described device, further includes:
Creating unit, for creating initial dynamic fingerprint library, the initial dynamic fingerprint library includes static fingerprint base identification
Terminal type of the rate lower than the first preset threshold and corresponding networking dynamic behaviour.
9. device according to claim 7, which is characterized in that the recognition unit, it is if being also used to network for the first time, then sharp
The terminal type of the terminal is identified with the static fingerprint base;Wherein, the static fingerprint base includes the end of terminal
Type and corresponding static finger print information are held, the static state finger print information includes MAC OUI, DHCP OPTION and HTTP UA letter
What is ceased is one or more.
10. device according to claim 9, which is characterized in that the recognition unit is also used to: if it networks for the first time, and
When can not identifying the terminal type of the terminal using static fingerprint base, using the dynamic fingerprint library to the terminal of the terminal
Type is identified.
11. device according to claim 8, which is characterized in that described device, further includes: updating unit, for that will utilize
The terminal type and corresponding networking dynamic behaviour that static fingerprint base identifies are updated into the dynamic fingerprint library.
12. according to any device of claim 7 to 11, which is characterized in that the recognition unit is specifically used for obtaining institute
The terminal type and corresponding network behavior record in dynamic fingerprint library are stated, input probability is calculated;
Utilize Bayes' theorem formulaWith the input probability, traverse in the dynamic fingerprint library
Terminal type obtains probability of outcome;Wherein, the input probability includes: that the terminal that terminal type is A occurs in present networks
Under the premise of determining that terminal type is A, there are probability P (B | A), all terminal classes in present networks of B network behavior in probability P (A)
There is the probability P (B) of B network behavior in type;P (A | B) it is probability of outcome, i.e., under the premise of B network behavior occurs in determination, terminal class
Type is the probability of A;
The corresponding terminal type of highest probability of outcome is determined as to the terminal type of the terminal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810916086.0A CN109347785A (en) | 2018-08-13 | 2018-08-13 | A kind of terminal type recognition methods and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810916086.0A CN109347785A (en) | 2018-08-13 | 2018-08-13 | A kind of terminal type recognition methods and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109347785A true CN109347785A (en) | 2019-02-15 |
Family
ID=65296714
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810916086.0A Pending CN109347785A (en) | 2018-08-13 | 2018-08-13 | A kind of terminal type recognition methods and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109347785A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110851817A (en) * | 2019-10-29 | 2020-02-28 | 锐捷网络股份有限公司 | Terminal type identification method and device |
CN111935212A (en) * | 2020-06-29 | 2020-11-13 | 杭州创谐信息技术股份有限公司 | Security router and Internet of things security networking method based on security router |
CN113507471A (en) * | 2021-07-12 | 2021-10-15 | 深圳市共进电子股份有限公司 | Method, device, router and storage medium for acquiring terminal system type |
CN114979077A (en) * | 2022-05-23 | 2022-08-30 | 中移(杭州)信息技术有限公司 | Device identification method, device, storage medium and apparatus |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101959178A (en) * | 2010-08-12 | 2011-01-26 | 百度在线网络技术(北京)有限公司 | Method and equipment for identifying terminal attribute of wireless terminal |
CN103346972A (en) * | 2013-06-26 | 2013-10-09 | 北京傲天动联技术股份有限公司 | Flow control device and method based on user terminal |
US20140068030A1 (en) * | 2012-08-31 | 2014-03-06 | Benjamin A. Chambers | Method for automatically applying access control policies based on device types of networked computing devices |
CN104683124A (en) * | 2013-11-26 | 2015-06-03 | 华为技术有限公司 | Terminal type identification method and device |
CN106302397A (en) * | 2016-07-29 | 2017-01-04 | 北京北信源软件股份有限公司 | A kind of equipment identification system based on device-fingerprint |
CN108271151A (en) * | 2016-12-31 | 2018-07-10 | 中国移动通信集团辽宁有限公司 | For the method and device of mobile Internet terminal identification |
-
2018
- 2018-08-13 CN CN201810916086.0A patent/CN109347785A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101959178A (en) * | 2010-08-12 | 2011-01-26 | 百度在线网络技术(北京)有限公司 | Method and equipment for identifying terminal attribute of wireless terminal |
US20140068030A1 (en) * | 2012-08-31 | 2014-03-06 | Benjamin A. Chambers | Method for automatically applying access control policies based on device types of networked computing devices |
CN103346972A (en) * | 2013-06-26 | 2013-10-09 | 北京傲天动联技术股份有限公司 | Flow control device and method based on user terminal |
CN104683124A (en) * | 2013-11-26 | 2015-06-03 | 华为技术有限公司 | Terminal type identification method and device |
CN106302397A (en) * | 2016-07-29 | 2017-01-04 | 北京北信源软件股份有限公司 | A kind of equipment identification system based on device-fingerprint |
CN108271151A (en) * | 2016-12-31 | 2018-07-10 | 中国移动通信集团辽宁有限公司 | For the method and device of mobile Internet terminal identification |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110851817A (en) * | 2019-10-29 | 2020-02-28 | 锐捷网络股份有限公司 | Terminal type identification method and device |
CN111935212A (en) * | 2020-06-29 | 2020-11-13 | 杭州创谐信息技术股份有限公司 | Security router and Internet of things security networking method based on security router |
CN111935212B (en) * | 2020-06-29 | 2023-05-09 | 杭州创谐信息技术股份有限公司 | Security router and Internet of things security networking method based on security router |
CN113507471A (en) * | 2021-07-12 | 2021-10-15 | 深圳市共进电子股份有限公司 | Method, device, router and storage medium for acquiring terminal system type |
CN114979077A (en) * | 2022-05-23 | 2022-08-30 | 中移(杭州)信息技术有限公司 | Device identification method, device, storage medium and apparatus |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109347785A (en) | A kind of terminal type recognition methods and device | |
EP3178011B1 (en) | Method and system for facilitating terminal identifiers | |
CN106650350B (en) | Identity authentication method and system | |
WO2018031921A1 (en) | Detecting scripted or otherwise anomalous interactions with social media platform | |
CN107404408B (en) | Virtual identity association identification method and device | |
CN109802953A (en) | A kind of recognition methods of industry control assets and device | |
US10567398B2 (en) | Method and apparatus for remote malware monitoring | |
US11729086B2 (en) | Methods and systems for internet speed testing | |
EP3211825A1 (en) | Trusted terminal verification method and apparatus | |
CN110401662A (en) | A kind of industrial control equipment fingerprint identification method, storage medium | |
CN109547426B (en) | Service response method and server | |
CN110213124A (en) | Passive operation system identification method and device based on the more sessions of TCP | |
CN108985048B (en) | Simulator identification method and related device | |
CN106850338B (en) | Semantic analysis-based R +1 type application layer protocol identification method and device | |
US11206277B1 (en) | Method and apparatus for detecting abnormal behavior in network | |
CN105550175A (en) | Malicious account identification method and apparatus | |
CN110851817A (en) | Terminal type identification method and device | |
TW201719484A (en) | Information security management system for application level log-based analysis and method using the same | |
CN106998336B (en) | Method and device for detecting user in channel | |
CN115237766A (en) | Fuzzy test case screening method and device, electronic equipment and storage medium | |
CN108200023A (en) | Unaware authentication method and device | |
CN112839055B (en) | Network application identification method and device for TLS encrypted traffic and electronic equipment | |
CN112134829A (en) | Method and device for generating encrypted flow characteristic set | |
CN109446807A (en) | The method, apparatus and electronic equipment of malicious robot are intercepted for identification | |
CN110460593B (en) | Network address identification method, device and medium for mobile traffic gateway |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190215 |
|
RJ01 | Rejection of invention patent application after publication |